Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2023-5362

The Carousel, Recent Post Slider and Banner Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'spice_post_slider' shortcode in versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.7%
CVSS Severity
CVSS v3 Score 6.4
References
Products affected by CVE-2023-5362
  • None » None » Version:
    _recent_post_slider_and_banner_slider:0.1
  • None » None » Version:
    _recent_post_slider_and_banner_slider:0.2
  • None » None » Version:
    _recent_post_slider_and_banner_slider:0.3
  • None » None » Version:
    _recent_post_slider_and_banner_slider:0.4
  • None » None » Version:
    _recent_post_slider_and_banner_slider:0.5
  • None » None » Version:
    _recent_post_slider_and_banner_slider:0.6
  • None » None » Version:
    _recent_post_slider_and_banner_slider:0.7
  • None » None » Version:
    _recent_post_slider_and_banner_slider:1.0
  • None » None » Version:
    _recent_post_slider_and_banner_slider:1.1
  • None » None » Version:
    _recent_post_slider_and_banner_slider:1.2
  • None » None » Version:
    _recent_post_slider_and_banner_slider:1.3
  • None » None » Version:
    _recent_post_slider_and_banner_slider:1.4
  • None » None » Version:
    _recent_post_slider_and_banner_slider:1.5
  • None » None » Version:
    _recent_post_slider_and_banner_slider:1.6
  • None » None » Version:
    _recent_post_slider_and_banner_slider:1.7
  • None » None » Version:
    _recent_post_slider_and_banner_slider:1.8
  • None » None » Version:
    _recent_post_slider_and_banner_slider:1.9
  • None » None » Version:
    _recent_post_slider_and_banner_slider:2.0
  • None » None » Version:
    _recent_post_slider_and_banner_slider:2.0.1
  • Spicethemes » Carousel » Version: Any
    cpe:2.3:a:spicethemes:carousel


Products
Pricing
Contact Us

Shodan ® - All rights reserved